Fortinet Introduces the World’s First Hyperscale Firewall

John Maddison, EVP of products and CMO at Fortinet

“Fortinet continues to push the boundaries of hardware-accelerated performance to enable the convergence of security and networking – what we call Security-driven Networking. The FortiGate 4400F Network Firewall delivers unprecedented scale and performance that is up to 13 times better than comparable products. As the only network firewall capable of securing hyperscale data centers and 5G networks, FortiGate 4400F leads the industry in what is possible for data center security.”

 

Hyperscale Data Centers Require Hyperscale Security

Today’s most digitally innovative organizations face escalating and often unpredictable capacity needs that are quickly outpacing their security solution’s performance capabilities. As a result, security has become the choke point for traffic entering and exiting most hyperscale data centers, adversely affecting user experience, and bringing productivity to a crawl, causing many network admins to feel pressured by business demands to forego security safeguards. Allowing all traffic to flow freely into and out of an organization’s network without security opens organizations up to the risk of cyberattacks, which can severely damage their brand reputation and cause potential loss in revenue due to extended downtime. While many organizations have successfully deployed hyperscale network architectures, achieving hyperscale security has been a significant challenge. To-date,some vendors claim to implement hyperscale security through multiple firewalls orchestrated together to achieve a hyperscale architecture, which has proven to be cumbersome and expensive. The hardware acceleration via purpose-built NP7 network processors of FortiGate 4400F uniquely delivers the first single compact appliance with security performance and scale that keeps up with the growth of today’s hyperscale data centers and enables the following use cases:

  • High Velocity e-Retail:Allows high-velocity e-retail businesses to deliver the best possible user experience for their customers by supporting tens of millions of connections per second, enabling essential layer 4 security, and delivering hardware-accelerated prevention of distributed denial of service (DDoS) attacks.
  • Cutting-edge research:Enhances productivity for cutting-edge research facilities and other verticals like oil and gas by supporting the secure transfer of extremely large datasets – also known as elephant flows – of up to 100Gbps. For situations that require encrypting at high speeds, IPsec can be turned on non-intrusively to support high-bandwidth IPsec tunnel flows.
  • Financial institutions, cloud providers and other large enterprises: Allows businesses to launch services in the most agile and secure fashion possible to increase productivity and revenue. By accelerating VXLAN-based segmentation, FortiGate 4400F enables super-fast communication between massively scaled services (such as compute, storage, or apps) that are co-hosted on physical and virtualized domains. These large scale segments can be protected with essential Layer 4 or advanced Layer 7 security.

 

5G Speeds Need Security at Scale that Can Keep Up

Today’s hyperconnected world allows user-to-user, user-to-machine, and machine-to-machine communication, which in turn puts huge demands on security to be delivered at massive scale. As4G transitions to 5G, these demands will be pushed to their limits as network operation teams must ensure both security and business continuity. Most solutions lack the required scale to overcome IPv4 address scarcity, growing mobile bandwidth demands, and increasing numbers of encrypted tunnels connecting infrastructure, which in turn holds carriers back from being able to support a large set of  customers. FortiGate 4400F uniquely addresses these pain points, delivering:

  • Carrier-grade network address translation (CGNAT) that enables hyperscale Packet Delivery Network (PDN) while preserving user experience with hardware-accelerated user session setup rates, low latency and hardware-assisted logging for audit and control.
  • Critical scale for Security Gateway (SecGW) at 4G and 5G mobile for Radio Access Network (RAN) control to enable services providers to build high capacity networks that maximize return on investment.
  • Allows service providers to differentiate their customer offerings by delivering additional value-added services such as parental control with technologies like URL filtering.

 

FortiGate 4400F vs. Competitors

Below is a comparison of the top firewalls on the market against the FortiGate 4400F series. Security Compute Ratingis a benchmark (performance multiplier) that compares FortiGate Network Firewall performance versus the industry average of competing products across various categories that fall within the same price band.

 

Specification FortiGate 4401F Industry

Average

Security Compute Rating Palo Alto

PA-70502

Checkpoint

CP28000

Cisco

FPR-4145

Juniper

SRX54003

Firewall 1.2Tbps 165Gbps 7x N/A 145Gbps 80Gbps 270Gbps
Concurrent Sessions 600M1 46M 13x 32M 32M 30M 91M
Connections per Second 10M1 0.822M 12x 623K 615k 350k 1.7M
IPsec VPN  420Gbps 39Gbps 11x 28Gbps 49Gbps 18Gbps 60Gbps
Threat Protection  70Gbps 34Gbps 2x 37Gbps 30Gbps N/A N/A
SSL Inspection 65Gbps 10Gbps 6.5x N/A N/A 10Gbps N/A

 

  • Target values – Enabled by a Hyperscale License
  • PAN: Calculated with 1-NPC (100G-NPC) cards, no services and support​
  • ​Juniper: SRX5400E-B2-AC

 

FortiGate 4400F showcases the industry’s highest performance with Security Compute Ratings up to 13x better than the competition. As a result, organizations can enjoy far greater headroom for digital innovation with Fortinet TCO savings and have the resources to respond to unexpected events.

 

Powered by Security-driven Networking

FortiGate 4400F leverages security-driven networking principals to enable ultra-scalable, secure distributed networks and hyperscale data centers. Security-driven Networking solutions are not only faster and scale further than the competition, they are also much more cost-effective, delivering the industry’s best price/performance in a compact form factor for additional lower costs associated with lower rack space, power and cooling requirements. Fortinet also offers industry leading automation and orchestration capabilities as part of Fabric Management Centerand FortiOS. Additionally, Fortinet continues to be a proponent of Open APIs and is committed to support industry initiatives like OpenConfig with the goal of delivering automation to streamline operations.

 

The FortiGate 4400F, as a part of an integrated security platform via the Fortinet Security Fabric, also provides security for hybrid data centers as follows:

  • Protection from known attacks with AI-poweredFortiGuard servicesincluding web filtering and intrusion prevention system services.
  • Proactive threat detection for any segmentation that a customer plans to adopt with a Security Compute Rating of 2x.
  • Full visibility into threats and removes blind spots with SSL inspection including TLS 1.3 that is 6.5x better than competing products.
  • Protection of business critical applications and servers by offering virtual patching using high performance consolidated IPS.

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.